Ransomware, BEC, GenAI Raise Security Challenges
2024-5-23 02:1:4 Author: securityboulevard.com

Business email compromise (BEC) and ransomware attacks are among the most prevalent cyber threats currently facing organizations, while the rise of generative AI (GenAI) poses challenges for designing and implementing secure usage policies.

These were among the results of a global Arctic Wolf survey of over 1,000 senior IT and cybersecurity decision-makers across 15 countries.

The study found seven in 10 organizations were targeted by BEC attacks in the past year and nearly a third (29%) experienced successful breaches.

Ransomware attacks also surged, according to the Arctic Wolf survey, with 45% of respondents reporting incidents in the last 12 months, up from the previous year. The majority (86%) of these ransomware attacks included successful data exfiltration.

Meanwhile, transparency in breach disclosures is becoming more common due to regulatory pressures.

Two-thirds (66%) of the organizations that suffered data breaches in the last year publicly disclosed the incidents, while 30% informed only the affected parties.

Navigating new compliance demands requires ample time and resources for IT teams to digest information and implement proper strategies to meet those guidelines, said Ian McShane, Arctic Wolf vice president of managed detection and response (MDR).

“However, managing cybersecurity incidents is far more of a concern in our current threat landscape,” McShane added. One of the biggest challenges is ensuring that an organization is catching cybersecurity incidents in real time, as they occur.

The research found that nearly half (48%) of organizations identified a successful breach within their environment in the last 12 months. However, McShane noted that this does not inversely mean that 52% of organizations did not suffer a breach. “Within that 52%, we can infer that some organizations either lack the needed technology to identify indicators of a breach or lack the expertise to recognize evidence of a breach,” he said.

Cyber Insurance Finds Broad Adoption

Cyber insurance has become a critical component of risk management. Only 5% of organizations opt out of coverage. The majority (66%) have active policies, and nearly a third (29%) are in the process of obtaining or planning to acquire coverage this year.

McShane said that, as with other kinds of liability insurance, organizations should look at cyber insurance to transfer part of their risk to an insurance carrier in the event of a cyber incident or breach. “To assess insurance needs, organizations can look at things like weighing the cost of premiums to their actual risk,” he said.

For example, significant downtime on production lines due to an attack could prove costly—as could the potential reputation hit stemming from a data leak.

When assessing cyber insurance needs, it is important to understand the organization’s cybersecurity posture. “Insurers need to know that customers are not inviting undue risk by neglecting common sense security practices,” McShane said.

Threat actors try to understand the technologies and educational procedures IT security leaders put in place. As part of the recon or exfil, an attacker often looks for proof that an organization has a robust cyber insurance policy. “It’s not much of a stretch to assume that this info can be gathered through OSINT,” McShane noted.

If an attacker knows the organization doesn’t have insurance and thus is more likely to pay up, the attacker will do as much as possible to indicate payment is the best option.

“On the other hand, if they know your organization has insurance and is more likely to just rebuild, they may cause as much disruption as fast as possible in the hopes that you’ll pay them instead,” McShane pointed out.

GenAI Prompts Focus on Usage Policies

The rise of GenAI has prompted a significant focus on usage policies, with 94% of organizations either having or planning to implement policies around GenAI and large language model (LLM) tools this year.

Nearly half of the survey respondents said they have a policy in place for AI use, while a third of respondents strictly forbid the use of AI tech in their environment.

“There is certainly a delicate balance between the benefits of adopting AI technology—of which there are many—and the potential security risks leaders must assess when implementing new LLM and generative AI tools,” McShane said. “There is no one-size-fits-all strategy to formalizing adoption and usage policies.”

McShane recommended organizations and IT security leaders identify the level of usage they are comfortable with and go from there.



Article source: https://securityboulevard.com/2024/05/ransomware-bec-genai-raise-security-challenges/